aws-cdk-lib 2.201.0__py3-none-any.whl → 2.203.0__py3-none-any.whl

aws_cdk/aws_msk/__init__.py

@@ -843,7 +843,7 @@ class CfnCluster(
             '''Describes the setup to be used for the broker nodes in the cluster.
 
             :param client_subnets: The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data. If you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify. Client subnets can't occupy the Availability Zone with ID ``use1-az3`` .
-            :param instance_type: The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.
+            :param instance_type: The type of Amazon EC2 instances to use for brokers. Depending on the `broker type <https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html>`_ , Amazon MSK supports the following broker sizes: *Standard broker sizes* - kafka.t3.small .. epigraph:: You can't select the kafka.t3.small instance type when the metadata mode is KRaft. - kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge - kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge *Express broker sizes* - express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge .. epigraph:: Some broker sizes might not be available in certian AWS Regions. See the updated `Pricing tools <https://docs.aws.amazon.com/msk/pricing/>`_ section on the Amazon MSK pricing page for the latest list of available instances by Region.
             :param broker_az_distribution: This parameter is currently not in use.
             :param connectivity_info: Information about the cluster's connectivity setting.
             :param security_groups: The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the ``ec2:DescribeSecurityGroups`` permission.
@@ -937,7 +937,26 @@ class CfnCluster(
         def instance_type(self) -> builtins.str:
             '''The type of Amazon EC2 instances to use for brokers.
 
-            The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.
+            Depending on the `broker type <https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html>`_ , Amazon MSK supports the following broker sizes:
+
+            *Standard broker sizes*
+
+            - kafka.t3.small
+
+            .. epigraph::
+
+               You can't select the kafka.t3.small instance type when the metadata mode is KRaft.
+
+            - kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge
+            - kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge
+
+            *Express broker sizes*
+
+            - express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge
+
+            .. epigraph::
+
+               Some broker sizes might not be available in certian AWS Regions. See the updated `Pricing tools <https://docs.aws.amazon.com/msk/pricing/>`_ section on the Amazon MSK pricing page for the latest list of available instances by Region.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-msk-cluster-brokernodegroupinfo.html#cfn-msk-cluster-brokernodegroupinfo-instancetype
             '''

aws_cdk/aws_mwaa/__init__.py

@@ -145,7 +145,8 @@ class CfnEnvironment(
             startup_script_s3_path="startupScriptS3Path",
             tags=tags,
             webserver_access_mode="webserverAccessMode",
-            weekly_maintenance_window_start="weeklyMaintenanceWindowStart"
+            weekly_maintenance_window_start="weeklyMaintenanceWindowStart",
+            worker_replacement_strategy="workerReplacementStrategy"
         )
     '''
 
@@ -179,6 +180,7 @@ class CfnEnvironment(
         tags: typing.Any = None,
         webserver_access_mode: typing.Optional[builtins.str] = None,
         weekly_maintenance_window_start: typing.Optional[builtins.str] = None,
+        worker_replacement_strategy: typing.Optional[builtins.str] = None,
     ) -> None:
         '''
         :param scope: Scope in which this resource is defined.
@@ -208,6 +210,7 @@ class CfnEnvironment(
         :param tags: The key-value tag pairs associated to your environment. For example, ``"Environment": "Staging"`` . To learn more, see `Tagging <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ . If you specify new tags for an existing environment, the update requires service interruption before taking effect.
         :param webserver_access_mode: The Apache Airflow *Web server* access mode. To learn more, see `Apache Airflow access modes <https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html>`_ . Valid values: ``PRIVATE_ONLY`` or ``PUBLIC_ONLY`` .
         :param weekly_maintenance_window_start: The day and time of the week to start weekly maintenance updates of your environment in the following format: ``DAY:HH:MM`` . For example: ``TUE:03:30`` . You can specify a start time in 30 minute increments only. Supported input includes the following: - MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\d|2[0-3]):(00|30)
+        :param worker_replacement_strategy: The worker replacement strategy to use when updating the environment. Valid values: ``FORCED``, ``GRACEFUL``. FORCED means Apache Airflow workers will be stopped and replaced without waiting for tasks to complete before an update. GRACEFUL means Apache Airflow workers will be able to complete running tasks for up to 12 hours during an update before being stopped and replaced.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__558d6a60af086ab1a40ad8057fcb128456129bbbd328752ab90d8a6d573efb1c)
@@ -239,6 +242,7 @@ class CfnEnvironment(
             tags=tags,
             webserver_access_mode=webserver_access_mode,
             weekly_maintenance_window_start=weekly_maintenance_window_start,
+            worker_replacement_strategy=worker_replacement_strategy,
         )
 
         jsii.create(self.__class__, self, [scope, id, props])
@@ -737,6 +741,19 @@ class CfnEnvironment(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "weeklyMaintenanceWindowStart", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="workerReplacementStrategy")
+    def worker_replacement_strategy(self) -> typing.Optional[builtins.str]:
+        '''The worker replacement strategy to use when updating the environment.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "workerReplacementStrategy"))
+
+    @worker_replacement_strategy.setter
+    def worker_replacement_strategy(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__6a69a886eac1c8570e29fe73891b3d0a6bf8bc1d04ac36bc656c130c6498adef)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "workerReplacementStrategy", value) # pyright: ignore[reportArgumentType]
+
     @jsii.data_type(
         jsii_type="aws-cdk-lib.aws_mwaa.CfnEnvironment.LoggingConfigurationProperty",
         jsii_struct_bases=[],
@@ -1092,6 +1109,7 @@ class CfnEnvironment(
         "tags": "tags",
         "webserver_access_mode": "webserverAccessMode",
         "weekly_maintenance_window_start": "weeklyMaintenanceWindowStart",
+        "worker_replacement_strategy": "workerReplacementStrategy",
     },
 )
 class CfnEnvironmentProps:
@@ -1123,6 +1141,7 @@ class CfnEnvironmentProps:
         tags: typing.Any = None,
         webserver_access_mode: typing.Optional[builtins.str] = None,
         weekly_maintenance_window_start: typing.Optional[builtins.str] = None,
+        worker_replacement_strategy: typing.Optional[builtins.str] = None,
     ) -> None:
         '''Properties for defining a ``CfnEnvironment``.
 
@@ -1151,6 +1170,7 @@ class CfnEnvironmentProps:
         :param tags: The key-value tag pairs associated to your environment. For example, ``"Environment": "Staging"`` . To learn more, see `Tagging <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ . If you specify new tags for an existing environment, the update requires service interruption before taking effect.
         :param webserver_access_mode: The Apache Airflow *Web server* access mode. To learn more, see `Apache Airflow access modes <https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html>`_ . Valid values: ``PRIVATE_ONLY`` or ``PUBLIC_ONLY`` .
         :param weekly_maintenance_window_start: The day and time of the week to start weekly maintenance updates of your environment in the following format: ``DAY:HH:MM`` . For example: ``TUE:03:30`` . You can specify a start time in 30 minute increments only. Supported input includes the following: - MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\d|2[0-3]):(00|30)
+        :param worker_replacement_strategy: The worker replacement strategy to use when updating the environment. Valid values: ``FORCED``, ``GRACEFUL``. FORCED means Apache Airflow workers will be stopped and replaced without waiting for tasks to complete before an update. GRACEFUL means Apache Airflow workers will be able to complete running tasks for up to 12 hours during an update before being stopped and replaced.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html
         :exampleMetadata: fixture=_generated
@@ -1220,7 +1240,8 @@ class CfnEnvironmentProps:
                 startup_script_s3_path="startupScriptS3Path",
                 tags=tags,
                 webserver_access_mode="webserverAccessMode",
-                weekly_maintenance_window_start="weeklyMaintenanceWindowStart"
+                weekly_maintenance_window_start="weeklyMaintenanceWindowStart",
+                worker_replacement_strategy="workerReplacementStrategy"
             )
         '''
         if __debug__:
@@ -1250,6 +1271,7 @@ class CfnEnvironmentProps:
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
             check_type(argname="argument webserver_access_mode", value=webserver_access_mode, expected_type=type_hints["webserver_access_mode"])
             check_type(argname="argument weekly_maintenance_window_start", value=weekly_maintenance_window_start, expected_type=type_hints["weekly_maintenance_window_start"])
+            check_type(argname="argument worker_replacement_strategy", value=worker_replacement_strategy, expected_type=type_hints["worker_replacement_strategy"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "name": name,
         }
@@ -1301,6 +1323,8 @@ class CfnEnvironmentProps:
             self._values["webserver_access_mode"] = webserver_access_mode
         if weekly_maintenance_window_start is not None:
             self._values["weekly_maintenance_window_start"] = weekly_maintenance_window_start
+        if worker_replacement_strategy is not None:
+            self._values["worker_replacement_strategy"] = worker_replacement_strategy
 
     @builtins.property
     def name(self) -> builtins.str:
@@ -1587,6 +1611,17 @@ class CfnEnvironmentProps:
         result = self._values.get("weekly_maintenance_window_start")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def worker_replacement_strategy(self) -> typing.Optional[builtins.str]:
+        '''The worker replacement strategy to use when updating the environment.
+
+        Valid values: ``FORCED``, ``GRACEFUL``. FORCED means Apache Airflow workers will be stopped and replaced without waiting for tasks to complete before an update. GRACEFUL means Apache Airflow workers will be able to complete running tasks for up to 12 hours during an update before being stopped and replaced.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#cfn-mwaa-environment-workerreplacementstrategy
+        '''
+        result = self._values.get("worker_replacement_strategy")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -1635,6 +1670,7 @@ def _typecheckingstub__558d6a60af086ab1a40ad8057fcb128456129bbbd328752ab90d8a6d5
     tags: typing.Any = None,
     webserver_access_mode: typing.Optional[builtins.str] = None,
     weekly_maintenance_window_start: typing.Optional[builtins.str] = None,
+    worker_replacement_strategy: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -1801,6 +1837,12 @@ def _typecheckingstub__c4b7b1ca9a0752d370dddfd37838d62fc0fdbdce81d79923961a78bfa
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__6a69a886eac1c8570e29fe73891b3d0a6bf8bc1d04ac36bc656c130c6498adef(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__d823c014bd64bec48bc3afd2f5085d92c0e9f9e6f7641f491eeb3020665639f5(
     *,
     dag_processing_logs: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnEnvironment.ModuleLoggingConfigurationProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
@@ -1856,6 +1898,7 @@ def _typecheckingstub__9d7baed808ece1f6aca4fce5dbeac04c731d688aec6f3395e1f0892ea
     tags: typing.Any = None,
     webserver_access_mode: typing.Optional[builtins.str] = None,
     weekly_maintenance_window_start: typing.Optional[builtins.str] = None,
+    worker_replacement_strategy: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_networkfirewall/__init__.py

@@ -4352,6 +4352,8 @@ class CfnRuleGroup(
         ) -> None:
             '''Settings that are available for use in the rules in the ``RuleGroup`` where this is defined.
 
+            See ``CreateRuleGroup`` or ``UpdateRuleGroup`` for usage.
+
             :param ip_sets: A list of IP addresses and address ranges, in CIDR notation.
             :param port_sets: A list of port ranges.
 
@@ -5900,7 +5902,7 @@ class CfnTLSInspectionConfiguration(
 
                If a server certificate that's associated with your `TLSInspectionConfiguration <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-tlsinspectionconfiguration.html>`_ is revoked, deleted, or expired it can result in client-side TLS errors.
 
-            :param certificate_authority_arn: The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection. The following limitations apply: - You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM. - You can't use certificates issued by AWS Private Certificate Authority . For more information about configuring certificates for outbound inspection, see `Using SSL/TLS certificates with certificates with TLS inspection configurations <https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html>`_ in the *AWS Network Firewall Developer Guide* . For information about working with certificates in ACM, see `Importing certificates <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html>`_ in the *AWS Certificate Manager User Guide* .
+            :param certificate_authority_arn: The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection. The following limitations apply: - You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM. - You can't use certificates issued by AWS Private Certificate Authority . For more information about configuring certificates for outbound inspection, see `Using SSL/TLS certificates with TLS inspection configurations <https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html>`_ in the *AWS Network Firewall Developer Guide* . For information about working with certificates in ACM, see `Importing certificates <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html>`_ in the *AWS Certificate Manager User Guide* .
             :param check_certificate_revocation_status: When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a ``CertificateAuthorityArn`` in `ServerCertificateConfiguration <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html>`_ .
             :param scopes: A list of scopes.
             :param server_certificates: The list of server certificates to use for inbound SSL/TLS inspection.
@@ -5967,7 +5969,7 @@ class CfnTLSInspectionConfiguration(
             - You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.
             - You can't use certificates issued by AWS Private Certificate Authority .
 
-            For more information about configuring certificates for outbound inspection, see `Using SSL/TLS certificates with certificates with TLS inspection configurations <https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html>`_ in the *AWS Network Firewall Developer Guide* .
+            For more information about configuring certificates for outbound inspection, see `Using SSL/TLS certificates with TLS inspection configurations <https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html>`_ in the *AWS Network Firewall Developer Guide* .
 
             For information about working with certificates in ACM, see `Importing certificates <https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html>`_ in the *AWS Certificate Manager User Guide* .
 

aws_cdk/aws_networkmanager/__init__.py

@@ -7237,7 +7237,9 @@ class CfnVpcAttachment(
             # the properties below are optional
             options=networkmanager.CfnVpcAttachment.VpcOptionsProperty(
                 appliance_mode_support=False,
-                ipv6_support=False
+                dns_support=False,
+                ipv6_support=False,
+                security_group_referencing_support=False
             ),
             proposed_network_function_group_change=networkmanager.CfnVpcAttachment.ProposedNetworkFunctionGroupChangeProperty(
                 attachment_policy_rule_number=123,
@@ -7752,7 +7754,9 @@ class CfnVpcAttachment(
         jsii_struct_bases=[],
         name_mapping={
             "appliance_mode_support": "applianceModeSupport",
+            "dns_support": "dnsSupport",
             "ipv6_support": "ipv6Support",
+            "security_group_referencing_support": "securityGroupReferencingSupport",
         },
     )
     class VpcOptionsProperty:
@@ -7760,12 +7764,16 @@ class CfnVpcAttachment(
             self,
             *,
             appliance_mode_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+            dns_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
             ipv6_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+            security_group_referencing_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         ) -> None:
             '''Describes the VPC options.
 
             :param appliance_mode_support: Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is ``false`` . Default: - false
+            :param dns_support: Indicates whether DNS is supported. Default: - true
             :param ipv6_support: Indicates whether IPv6 is supported. Default: - false
+            :param security_group_referencing_support: Indicates whether security group referencing is enabled for this VPC attachment. The default is ``true`` . However, at the core network policy-level the default is set to ``false`` . Default: - true
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-vpcattachment-vpcoptions.html
             :exampleMetadata: fixture=_generated
@@ -7778,18 +7786,26 @@ class CfnVpcAttachment(
                 
                 vpc_options_property = networkmanager.CfnVpcAttachment.VpcOptionsProperty(
                     appliance_mode_support=False,
-                    ipv6_support=False
+                    dns_support=False,
+                    ipv6_support=False,
+                    security_group_referencing_support=False
                 )
             '''
             if __debug__:
                 type_hints = typing.get_type_hints(_typecheckingstub__e0178ed6021c1858c87186be29fec1d6351e020d4e0f48dd2207432dbeaf7b50)
                 check_type(argname="argument appliance_mode_support", value=appliance_mode_support, expected_type=type_hints["appliance_mode_support"])
+                check_type(argname="argument dns_support", value=dns_support, expected_type=type_hints["dns_support"])
                 check_type(argname="argument ipv6_support", value=ipv6_support, expected_type=type_hints["ipv6_support"])
+                check_type(argname="argument security_group_referencing_support", value=security_group_referencing_support, expected_type=type_hints["security_group_referencing_support"])
             self._values: typing.Dict[builtins.str, typing.Any] = {}
             if appliance_mode_support is not None:
                 self._values["appliance_mode_support"] = appliance_mode_support
+            if dns_support is not None:
+                self._values["dns_support"] = dns_support
             if ipv6_support is not None:
                 self._values["ipv6_support"] = ipv6_support
+            if security_group_referencing_support is not None:
+                self._values["security_group_referencing_support"] = security_group_referencing_support
 
         @builtins.property
         def appliance_mode_support(
@@ -7806,6 +7822,19 @@ class CfnVpcAttachment(
             result = self._values.get("appliance_mode_support")
             return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
 
+        @builtins.property
+        def dns_support(
+            self,
+        ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+            '''Indicates whether DNS is supported.
+
+            :default: - true
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-vpcattachment-vpcoptions.html#cfn-networkmanager-vpcattachment-vpcoptions-dnssupport
+            '''
+            result = self._values.get("dns_support")
+            return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
         @builtins.property
         def ipv6_support(
             self,
@@ -7819,6 +7848,21 @@ class CfnVpcAttachment(
             result = self._values.get("ipv6_support")
             return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
 
+        @builtins.property
+        def security_group_referencing_support(
+            self,
+        ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+            '''Indicates whether security group referencing is enabled for this VPC attachment.
+
+            The default is ``true`` . However, at the core network policy-level the default is set to ``false`` .
+
+            :default: - true
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkmanager-vpcattachment-vpcoptions.html#cfn-networkmanager-vpcattachment-vpcoptions-securitygroupreferencingsupport
+            '''
+            result = self._values.get("security_group_referencing_support")
+            return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
         def __eq__(self, rhs: typing.Any) -> builtins.bool:
             return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -7883,7 +7927,9 @@ class CfnVpcAttachmentProps:
                 # the properties below are optional
                 options=networkmanager.CfnVpcAttachment.VpcOptionsProperty(
                     appliance_mode_support=False,
-                    ipv6_support=False
+                    dns_support=False,
+                    ipv6_support=False,
+                    security_group_referencing_support=False
                 ),
                 proposed_network_function_group_change=networkmanager.CfnVpcAttachment.ProposedNetworkFunctionGroupChangeProperty(
                     attachment_policy_rule_number=123,
@@ -9273,7 +9319,9 @@ def _typecheckingstub__557bf3a5ccb396638b970920d51e56a5af3a62c8b836006da453e705f
 def _typecheckingstub__e0178ed6021c1858c87186be29fec1d6351e020d4e0f48dd2207432dbeaf7b50(
     *,
     appliance_mode_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    dns_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     ipv6_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    security_group_referencing_support: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_opsworkscm/__init__.py

@@ -113,6 +113,7 @@ class CfnServer(
             preferred_backup_window="preferredBackupWindow",
             preferred_maintenance_window="preferredMaintenanceWindow",
             security_group_ids=["securityGroupIds"],
+            server_name="serverName",
             subnet_ids=["subnetIds"],
             tags=[CfnTag(
                 key="key",
@@ -144,6 +145,7 @@ class CfnServer(
         preferred_backup_window: typing.Optional[builtins.str] = None,
         preferred_maintenance_window: typing.Optional[builtins.str] = None,
         security_group_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
+        server_name: typing.Optional[builtins.str] = None,
         subnet_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
@@ -168,6 +170,7 @@ class CfnServer(
         :param preferred_backup_window: The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats: - ``HH:MM`` for daily backups - ``DDD:HH:MM`` for weekly backups ``MM`` must be specified as ``00`` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time. *Example:* ``08:00`` , which represents a daily start time of 08:00 UTC. *Example:* ``Mon:08:00`` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)
         :param preferred_maintenance_window: The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: ``DDD:HH:MM`` . ``MM`` must be specified as ``00`` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See ``TimeWindowDefinition`` for more information. *Example:* ``Mon:08:00`` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)
         :param security_group_ids: A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by ``SubnetIds`` . If you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).
+        :param server_name: The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.
         :param subnet_ids: The IDs of subnets in which to launch the server EC2 instance. Amazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have "Auto Assign Public IP" enabled. EC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have "Auto Assign Public IP" enabled. For more information about supported Amazon EC2 platforms, see `Supported Platforms <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html>`_ .
         :param tags: A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server. - The key cannot be empty. - The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /
         '''
@@ -194,6 +197,7 @@ class CfnServer(
             preferred_backup_window=preferred_backup_window,
             preferred_maintenance_window=preferred_maintenance_window,
             security_group_ids=security_group_ids,
+            server_name=server_name,
             subnet_ids=subnet_ids,
             tags=tags,
         )
@@ -262,8 +266,7 @@ class CfnServer(
     @builtins.property
     @jsii.member(jsii_name="attrServerName")
     def attr_server_name(self) -> builtins.str:
-        '''The name of the server.
-
+        '''
         :cloudformationAttribute: ServerName
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrServerName"))
@@ -534,6 +537,19 @@ class CfnServer(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "securityGroupIds", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="serverName")
+    def server_name(self) -> typing.Optional[builtins.str]:
+        '''The name of the server.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "serverName"))
+
+    @server_name.setter
+    def server_name(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__0fdc9b0c6ccfb79b318a5321a2bdb7586f084e301b627e9b708804bad96c9238)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "serverName", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="subnetIds")
     def subnet_ids(self) -> typing.Optional[typing.List[builtins.str]]:
@@ -679,6 +695,7 @@ class CfnServer(
         "preferred_backup_window": "preferredBackupWindow",
         "preferred_maintenance_window": "preferredMaintenanceWindow",
         "security_group_ids": "securityGroupIds",
+        "server_name": "serverName",
         "subnet_ids": "subnetIds",
         "tags": "tags",
     },
@@ -705,6 +722,7 @@ class CfnServerProps:
         preferred_backup_window: typing.Optional[builtins.str] = None,
         preferred_maintenance_window: typing.Optional[builtins.str] = None,
         security_group_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
+        server_name: typing.Optional[builtins.str] = None,
         subnet_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
@@ -728,6 +746,7 @@ class CfnServerProps:
         :param preferred_backup_window: The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats: - ``HH:MM`` for daily backups - ``DDD:HH:MM`` for weekly backups ``MM`` must be specified as ``00`` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time. *Example:* ``08:00`` , which represents a daily start time of 08:00 UTC. *Example:* ``Mon:08:00`` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)
         :param preferred_maintenance_window: The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: ``DDD:HH:MM`` . ``MM`` must be specified as ``00`` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See ``TimeWindowDefinition`` for more information. *Example:* ``Mon:08:00`` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)
         :param security_group_ids: A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by ``SubnetIds`` . If you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).
+        :param server_name: The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.
         :param subnet_ids: The IDs of subnets in which to launch the server EC2 instance. Amazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have "Auto Assign Public IP" enabled. EC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have "Auto Assign Public IP" enabled. For more information about supported Amazon EC2 platforms, see `Supported Platforms <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html>`_ .
         :param tags: A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server. - The key cannot be empty. - The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /
 
@@ -764,6 +783,7 @@ class CfnServerProps:
                 preferred_backup_window="preferredBackupWindow",
                 preferred_maintenance_window="preferredMaintenanceWindow",
                 security_group_ids=["securityGroupIds"],
+                server_name="serverName",
                 subnet_ids=["subnetIds"],
                 tags=[CfnTag(
                     key="key",
@@ -791,6 +811,7 @@ class CfnServerProps:
             check_type(argname="argument preferred_backup_window", value=preferred_backup_window, expected_type=type_hints["preferred_backup_window"])
             check_type(argname="argument preferred_maintenance_window", value=preferred_maintenance_window, expected_type=type_hints["preferred_maintenance_window"])
             check_type(argname="argument security_group_ids", value=security_group_ids, expected_type=type_hints["security_group_ids"])
+            check_type(argname="argument server_name", value=server_name, expected_type=type_hints["server_name"])
             check_type(argname="argument subnet_ids", value=subnet_ids, expected_type=type_hints["subnet_ids"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
@@ -828,6 +849,8 @@ class CfnServerProps:
             self._values["preferred_maintenance_window"] = preferred_maintenance_window
         if security_group_ids is not None:
             self._values["security_group_ids"] = security_group_ids
+        if server_name is not None:
+            self._values["server_name"] = server_name
         if subnet_ids is not None:
             self._values["subnet_ids"] = subnet_ids
         if tags is not None:
@@ -1056,6 +1079,17 @@ class CfnServerProps:
         result = self._values.get("security_group_ids")
         return typing.cast(typing.Optional[typing.List[builtins.str]], result)
 
+    @builtins.property
+    def server_name(self) -> typing.Optional[builtins.str]:
+        '''The name of the server.
+
+        The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworkscm-server.html#cfn-opsworkscm-server-servername
+        '''
+        result = self._values.get("server_name")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def subnet_ids(self) -> typing.Optional[typing.List[builtins.str]]:
         '''The IDs of subnets in which to launch the server EC2 instance.
@@ -1131,6 +1165,7 @@ def _typecheckingstub__4fcf3005231c62e7682797d2e25d33ceb0c0b9602a2f2ffe6a7c3dabf
     preferred_backup_window: typing.Optional[builtins.str] = None,
     preferred_maintenance_window: typing.Optional[builtins.str] = None,
     security_group_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
+    server_name: typing.Optional[builtins.str] = None,
     subnet_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
@@ -1257,6 +1292,12 @@ def _typecheckingstub__d7663e937d0fabd66d40de7584fca886669aae87261a418b199493778
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__0fdc9b0c6ccfb79b318a5321a2bdb7586f084e301b627e9b708804bad96c9238(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__e6d133d8dd209b40a7f4c3900293e312fe8b95abc9cfff43e88a6fd1608b595b(
     value: typing.Optional[typing.List[builtins.str]],
 ) -> None:
@@ -1297,6 +1338,7 @@ def _typecheckingstub__6f3d9a63c768f1a40206835320dfa128b267da1fa702fbb4ecd8ac94b
     preferred_backup_window: typing.Optional[builtins.str] = None,
     preferred_maintenance_window: typing.Optional[builtins.str] = None,
     security_group_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
+    server_name: typing.Optional[builtins.str] = None,
     subnet_ids: typing.Optional[typing.Sequence[builtins.str]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None: